Ethical Hacking
Showing 36 of 40 projects
A comprehensive collection of payloads and bypass techniques for web application security testing and penetration testing.
A comprehensive collection of payloads and bypass techniques for web application security testing and penetration testing.
An open-source penetration testing framework for developing and executing exploit code against remote targets.
An open-source penetration testing framework for developing and executing exploit code against remote targets.
An open-source penetration testing tool that automates SQL injection detection and database takeover.
A curated collection of penetration testing tools, resources, and educational materials for offensive cybersecurity professionals.
A comprehensive collection of hacking tools, resources, and references for learning and practicing ethical hacking and penetration testing.
An open-source penetration testing framework for social engineering with custom attack vectors to create believable attacks quickly.
A firmware for ESP8266 microcontrollers that performs WiFi deauthentication attacks and network testing for educational purposes.
An open-source exploitation framework dedicated to embedded devices for penetration testing and vulnerability assessment.
A penetration testing framework that exploits web browsers as beachheads for client-side attacks.
A collection of webshell scripts in various languages for security testing and research purposes.
A curated list of resources for learning and practicing web application security, including tools, books, courses, and vulnerable labs.
A Python-based hacking tool for remotely exploiting Android devices via ADB and Metasploit to gain Meterpreter sessions.
An automated penetration testing tool that detects and exploits command injection vulnerabilities in web applications.
A curated list of bug bounty programs, write-ups, and resources for security researchers and ethical hackers.
A curated list of free, legal, and safe hacking environments for cybersecurity training and skill development.
A curated collection of cheat sheets and resources for penetration testing and security assessments.
A categorized collection of bug bounty write-ups organized by vulnerability type for security researchers.
A comprehensive suite for man-in-the-middle attacks, featuring live connection sniffing, content filtering, and protocol dissection.
A stealthy command and control framework that persists on webservers via a polymorphic PHP one-liner backdoor.
A web-based toolkit for XSS (Cross-Site Scripting) testing, encoding/decoding, and payload generation.
A comprehensive offensive web application penetration testing framework with 108 modules covering reconnaissance to vulnerability analysis.
A comprehensive offensive web application penetration testing framework with 108 modules covering reconnaissance to vulnerability analysis.
A collection of sorted wordlists, hashcat masks, and advanced rules for password cracking based on analysis of billions of real passwords.
A curated collection of Android exploits, hacking tools, and resources for security research and penetration testing.
An intelligent wordlist generator for password profiling using permutations and statistics based on target information.
A modular Python framework for auditing and penetration testing of IoT devices, supporting WiFi, NFC, and BLE technologies.
A cross-platform static code analysis tool for mobile applications (APK/IPA) to find security vulnerabilities like hardcoded credentials and API keys.
A rootkit that leverages eBPF to implement offensive security techniques like container breakouts, network scanning, and RASP bypass.
A tool that creates a JavaScript shell payload for exploiting XSS vulnerabilities to execute code in a victim's browser.
A collection of useful notes and reference materials for penetration testing hardware and related topics.
A frontend JavaScript framework for developing DNS rebinding exploits against vulnerable LAN devices and IoT products.
Deploy Hashtopolis on Google Cloud Shell and Colab for free, zero-infrastructure password cracking.
A Python tool that automates DDoS attacks through the Tor network for security testing and education.
A terminal-based manager for handling multiple reverse shell sessions and clients during penetration testing.
Related Tags
Found a gem we're missing?
Open-Awesome is built by the community, for the community. Submit a project, suggest an awesome list, or help improve the catalog on GitHub.